{% extends "user/base.html" %}
{% load i18n %}
{% load staticfiles %}

{% block head %}
    <script defer src="{% static 'public/user/token.js' %}"></script>
{% endblock %}

{% block head-title %}{% trans 'API Token' %} - {% endblock %}

{% block account-content %}
    <h1>{% trans "API Token" %}</h1>
    <section id="tokenSection">
        <p>
            {% blocktrans %}
                The API token can be used for authentication when calling the app store
                <a href="https://nextcloudappstore.readthedocs.io/en/latest/restapi.html">REST API</a>.
                Make sure to keep it secret. A new token can be generated below, rendering the old token invalid.
            {% endblocktrans %}
        </p>

        <p>{% trans 'Your API token is:' %}</p>

        <!-- DO NOT print the HTML token here because of BREACH attack but fetch it with JS -->
        <p><code id="token"></code></p>
        <form action="{% url 'api:v1:user-token-new' %}" method="post" id="api-token-regen-form">
            <span data-l10n-id="msg-form-success" hidden>{% trans 'New API token generated.' %}</span>
            <div><div class="hidden alert alert-success global-success-msg" hidden></div></div>
            <div><div class="alert alert-danger global-error-msg" hidden></div></div>

            {% csrf_token %}
            <input type="submit" class="btn btn-primary btn-block" value="{% trans 'Regenerate API token' %}" disabled="disabled">
        </form>
    </section>
{% endblock %}
